CVE-2024-0565

An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.

More information : https://access.redhat.com/errata/RHSA-2024:1188

Attack vector : ADJACENT_NETWORK
Attack complexity : LOW
Privileges required : LOW
User interaction : REQUIRED
Confidentiality impact : HIGH
Integrity impact : HIGH
Base score : 7.4
Base severity : HIGH
Exploitability score : 1.5
Impact score : 5.9